Episode 58: Know The Rules! Donations

Look Out For Donation Scams

After a natural disaster or tragic event, when people are reeling from the devastating impact of events, and members of the public are eager to do whatever they can to assist by making a donation. All too often when tragedy strikes, you need to be aware for scams that prey on your sympathies to steal funds intended for relief funds.

Scammers fraudulently collect sensitive information and steal donations by creating and using fake social media platforms (e.g., Facebook, charity websites, phishing, email, and Twitter) to ask for donations.

These fake websites will usually do one of two things:

  1. Ask for a credit card number to steal donations; and/or
  2. Infect your electronic device with malicious software (malware) that can extract sensitive information passwords, usernames, or account numbers) that is subsequently used to commit fraud.

Always beware when responding to any unsolicited incoming e-mails or text messages.

To combat the threat from this type of scam, HIPAA Covered Entities (CEs) and Business Associates (BAs) should consider training staff on the following practices:

  1. Never allow remote access to your computer unless such access is known to be legitimate, and they can be verify AND is done over a secure connection.
  2. Do NOT trust unsolicited phone calls, emails, or texts – be suspicious & ask questions.
  3. Hang up the phone if you are suspicious of the caller, do NOT trust Caller ID to be accurate, scammers almost always spoof an innocent 3rd party’s phone number.
  4. Be suspicious of requests for personal information over telephone, email, or text.
  5. Do NOT download & install unknown software or purchase unsolicited online services.
  6. Do NOT connect unknown devices or USB drives.
  7. Verify the identity of the caller directly with CE or BA officials, or with the company the caller claims to represent.
  8. Record the caller’s information if you suspect a scam and report it in accordance with your organization’s policies and procedures.

Covered Entities and Business Associates need to understand patients are entrusting YOU with their most private and intimate details, they expect it to remain secure.

Besides, it is YOUR practice, YOUR patient’s, YOUR reputation and YOUR legacy! Why are you leaving yourself wide open to such risks?




For tips like this and more request your copy of our “HIPAA Security Rule – Know The Rules!” Newsletter Today.